Authentication means that you can now protect the web-enabled functions of your Arduino with a username and password.

There is at least one other version of Webduino supporting authentication, written by Claudio Baldazzi. It’s in this post on the original Google Project site of Webduino, with an example here. When I started working on improvements of the Webduino, plus new features for my own use, I considered using Claudio’s version but decided against it for the following reason:

With the Claudio’s version all pages of the Arduino would be protected by the same username and password. However I wanted a way to distinguish different user levels. E.g. Person A should be allowed to see on the web whether the lights are on or off, but only Person B is allowed to flick the switch.

Here’s how I did it.

The WebServer class now has two new methods: httpUnauthorized() sends error 401 back to the client, which in the case of a regular web browser causes the user to see a prompt for username and password. checkCredentials() checks whether a username and password have been sent with the request and whether they are valid, i.e. they have certain values. In a Webduino command function you should first run checkCredentials() and depending on the return value either run your “protected” code, like turning on the lights, or fire httpUnauthorized(). See the methods’ subpages of the API documentation for example code.

As reported earlier I had been given an Arduino Uno. I subsequently received my Ethernet Shield to hook the board up to the network. I’m clearly heading towards the Internet of things… Although I am still not 100% certain about what I’m going to do with the board (or how many additional ones I am going to have to buy) one things is pretty clear: It will have to be controllable and/or configurable over a web interface.

However after a short while I ran into problems. None of them were to blame on the library, but rather on myself, but that’s actually not the point of this post… When I ran Wireshark to look at the data going over the network I noticed that for every page loaded Firefox also tries to download favicon.ico from the web server. Since Webduino sends a 400 error back on any requests for resources that have not been defined Firefox just keeps retrying forever.

At around the same time I discovered that, to avoid excess traffic from robots, there is a default robots.txt built into Webduino. So I decided to add a default favicon.ico, based on the icon used in the “Web_Image” example that ships with Webduino. Now when the first page is requested, Firefox loads the icon file, which actually eats more resources than one 400 error, but it pays off down the road when Firefox caches the icon and does not request it again, saving the Arduino from having to generate many 400 errors…

Webduino "Hello World!" page with favicon.ico; this is the default favicon.ico in my version of Webduino

And since I see projects hosted on GitHub as an open invitation to fork I ended up with my own Webduino project on GitHub. Feel free to look at the code, to fork, clone, whatever (MIT license), and to let me know what you think! (Oh, and I gave the readme some TLC and also added a keywords.txt file for syntax highlighting.)

Links

This blog is about Information Technology (technical) issues, tips and tricks I find worth sharing with the world. It’s also the home base for all of my open source projects. If you want to support me financially, please go to the Donations page. For moral support please leave a comment, or follow me on Twitter or Facebook: